1 (edited by vladimir.camaj 2021-06-07 21:15:54)

Topic: RoundCube, SOGo, iRedAdmin are not accessible

- iRedMail version (check /etc/iredmail-release): folder dos not exists
- Deployed with iRedMail Easy or the downloadable installer? installer I mean
- Linux/BSD distribution name and version: Ubuntu 20.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.

I have a iRedmail server. Few weeks ago I checked it everything worked fine. Today I tried to open RoudCube, SOGo, iRedAdmin and non of this web services was available. Everything had a problem with https certificate. I checked the cron for renewal certs and it is there. Here is the code

0 3 * 1-12 * certbot renew --post-hook '/usr/sbin/service postfix restart; /usr/sbin/service nginx restart; /usr/sbin/service dovecot restart'

I tough every day is not necessary if cert is valid for 90 days. Ones a month should be enough. Even though I have a renewal email message everyday in mailbox. It seems there is another cron to renew certs. As I remember new Certbot do it automatically at the background....

According this documentation I made restart of services and it is running. But why the crone from doc does not contain MySQL and OpenLDAP restart?

I would like to understand what happened. Thanks.


Re: RoundCube, SOGo, iRedAdmin are not accessible

- You may need to check old cron notification emails to figure it out.
- Feel free to restart mysql/openldap if you need it.
- But if mysql/openldap is only accessible from localhost (and blocked in firewall), no need to enable ssl support in them, this way you don't need to restart them which may cause Postfix temporarily rejects emails during service restart (can not connect to them).


Buy me a cup of coffee ($5) to support iRedMail:

buy me a cup of coffee


Re: RoundCube, SOGo, iRedAdmin are not accessible

Thanks for the answer and sorry for late reaction. I misses the notification. If Mysql is hidden behind the firewall no need ssl. I does make sense. Will see how it will work in future.